Sumo Logic Security Reviews

Name: Sumo Logic Security
Brand: Sumo Logic
Rating: 4.2 (20 reviews)

4.2 out of 5

20 reviews
91% willing to recommend

What is Sumo Logic Security?

Sumo Logic

Get the Sumo Logic Security Buyer's Guide and find out what your peers are saying about Sumo Logic Security, CrowdStrike Falcon, Wazuh and more!

Sumo Logic Security is the #20 ranked solution in SOAR tools, #36 ranked solution in top Security Information and Event Management (SIEM) solutions, and #45 ranked solution in Log Management Software. PeerSpot users give Sumo Logic Security an average rating of 8.4 out of 10. Sumo Logic Security is most commonly compared to CrowdStrike Falcon: Sumo Logic Security vs CrowdStrike Falcon. Sumo Logic Security is popular among the large enterprise segment, accounting for 51% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 13% of all views.

Helped 866,088 peers since 2012

Featured Sumo Logic Security reviews

Vinay Patel D N

SOC Analyst at a computer software company with 1,001-5,000 employees

The correlation rules and log mapping are not as mature compared to other SIM tools like Splunk. Sometimes logs will not fetch, and there are issues if the log volume exceeds a threshold. Not every tool is integrated with Sumo Logic. The response time for their support could be better, and it is not very user-friendly.

Read full review

WilsonAitan

Deputy Country Manager at PT Securite Asia Indonesia (ABP Securite)

Sumo Logic Security offers a single dashboard and customization, which are the most valuable features. Additionally, it has a cost-effective structure because it is based on data storage and the number of scans, rather than uploading data. This cost model impacts the customers positively by offering a more straightforward pricing structure.

Read full review

Moole Muralidhara Reddy

DevOps and Solution Architect at ADP

We are mainly concentrating on networking. We use VPC products and application logs to monitor the genuineness of users who have logged in. We also store and monitor GuardDuty logs to see if someone is trying to access the same server multiple times. We are storing and monitoring WAF logs and GuardDuty logs. If someone faces any issues, we'll receive an email and take action based on it. If someone tries to access one of the applications from a different country, we can search in Google and identify the location of that particular IP address. Sumo Logic Security identifies whether a particular IP address is low, medium, or high risk without the help of Google. We can store logs in CloudWatch, but it is very difficult to search them in CloudWatch. We should know the query in order to do that. Searching for logs with Sumo Logic Security is very easy compared to CloudWatch. We have been using the solution for more than two years and haven't faced any issues with the solution's availability. I would recommend the solution to other users. I would recommend Sumo Logic Security instead of AWS, CloudWatch, or CloudTrail. With Sumo Logic Security, you can capture and see all the logs in a single place. If some issues occur, you can log into the solution and verify all the logs. At an organizational level, we have multiple AWS accounts for different environments. Instead of logging in to all the AWS accounts, you can log in to Sumo Logic Security and verify everything. Overall, I rate the solution a nine out of ten.

Read full review

Sumo Logic Security mindshare

Product category:

As of August 2025, the mindshare of Sumo Logic Security in the Security Information and Event Management (SIEM) category stands at 1.1%, up from 0.9% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Security Information and Event Management (SIEM) Market Share Distribution
Product	Market Share (%)
Sumo Logic Security	1.1%
Wazuh	11.8%
Splunk Enterprise Security	9.4%
Other	77.7%

Security Information and Event Management (SIEM)

PeerResearch reports based on Sumo Logic Security reviews

Type	Title	Date
Category	Security Information and Event Management (SIEM)	Aug 29, 2025	Download
Product	Reviews, tips, and advice from real users	Aug 29, 2025	Download
Comparison	Sumo Logic Security vs Splunk Enterprise Security	Aug 29, 2025	Download
Comparison	Sumo Logic Security vs Wazuh	Aug 29, 2025	Download
Comparison	Sumo Logic Security vs Microsoft Sentinel	Aug 29, 2025	Download

Title	Rating	Mindshare	Recommending
CrowdStrike Falcon	4.3	4.7%	96%	132 interviews Add to research
Wazuh	3.7	11.8%	80%	48 interviews Add to research

Valuable Features

Sumo Logic Security offers valuable features such as out-of-the-box applications and Threat Intelligence integration for monitoring. Users appreciate customizable alerting dashboards, reliable log aggregation, and the ability to troubleshoot production issues. The system's user-friendly query language and responsive interface enhance its efficiency in identifying real-time errors. Users find the ability to create custom alerts and the integration of extensions like CrowdStrike useful. Log Analytics platform and a single customizable dashboard are also highlighted.

"Sumo Logic Security offers a single dashboard and customization, which are the most valuable features."
"The Log Analytics platform is the most effective. If we cannot find the data in other tools, like email security or NDR, we can fetch those logs in the Log Analytics platform of Sumo Logic."
"Sumo Logic Security is a good solution for searching the logs and identifying the issues."

Room for Improvement

Sumo Logic Security requires a more intuitive user interface and improved dashboard functionality. There are obstacles in setup and API integration, and predefined log patterns need enhancement. Users face challenges with scalability and stability, and manual configuration is complex. Improvement in pricing and competitive features, along with seamless integration and faster support response, is necessary. There is also a need for a local data center for specific requirements.

"In terms of improvement, feedback indicates there is a need for a local data center in my country. This is crucial to sell to the government and financial sectors as they require data retention within each country."
"I don't recommend this product."
"The correlation rules and log mapping are not as mature compared to other SIM tools like Splunk."

ROI

Sumo Logic Security has significantly reduced downtime by enhancing troubleshooting capabilities, allowing quick identification of website issues. It saves time by eliminating the need for extensive credential distribution to access individual system logs. Operational processes have improved, with ROI being closely monitored. The amortized costs of Sumo Logic and New Relic are evaluated within the console, satisfying service teams with favorable ROI, preventing them from considering alternatives. However, some are uncertain about the exact ROI.

Pricing

Enterprise users report that Sumo Logic Security pricing through AWS Marketplace is straightforward and offers competitive value, although some caution it's on the expensive side. The pricing model, focused on data storage and event processing, is praised for balancing cost and functionality compared to competitors like Splunk. While some find it high, the simplicity of consolidation onto AWS bills and the reasonable total cost compared to features offered make it appealing for many enterprises.

"Storing logs in Sumo Logic Security is charged GB-wise, which is a little higher than other products."
"The product is costly."
"The license pricing model is based on the events that are processed through the solution."

Popular Use Cases

Organizations primarily use Sumo Logic Security for logging and monitoring operational and security events. It integrates with AWS services to monitor cloud-based applications and infrastructure, alerting on incidents and performance issues. Companies utilize it for centralized logging, troubleshooting, and application debugging, focusing on alert and performance monitoring. Sumo Logic Security acts as a Cloud SIEM, providing robust security incident and event management capabilities, often integrating with IT and SaaS environments for comprehensive security coverage.

Service and Support

Sumo Logic Security's customer service is praised for being responsive, helpful, and engaging. Many users appreciate the technical team's support, noting their quick response times, often within 24 hours. Some mention having direct interactions through email or via account managers. However, experiences vary, as some point out room for improvement and longer response times, especially when lacking enterprise support. Overall, the customer service team is considered friendly and cooperative with most users expressing satisfaction.

Deployment

Users found Sumo Logic Security's initial setup easy, particularly in AWS environments, aided by comprehensive documentation. New users benefit from sample code for Lambda and similar technologies. Once familiar, it poses little challenge. Some automate setup with AMIs, easing integration. Installation simplicity ranges, with dedicated teams facilitating the process. They note the complexity tied to its extensive management scope, yet agree it's simpler than other options. Setup time varies based on log sources.

Scalability

Users find Sumo Logic Security highly scalable, effectively handling diverse workloads and user counts. Many organizations have increased server use without issues, supporting various applications and large data ingestion. Several users rate scalability between seven to nine out of ten, indicating satisfaction with its capacity. Some see financial investment as the only limit. Despite differing environment sizes, Sumo Logic Security consistently meets scalability needs in different settings, maintaining performance without notable concerns.

Stability

Sumo Logic Security demonstrates significant stability, handling heavy server loads effectively. Reports of issues are rare, mostly involving minor dashboard or log latency. Users consistently describe the system as stable and reliable, with optimized queries enhancing performance. Occasional small delays in log processing are considered typical. Complaints about crashes or bugs are minimal, and the vendor promptly addresses outages. Common stability ratings range from seven to nine out of ten, demonstrating user satisfaction.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Sumo Logic Security Buyer's Guide for additional reliable information.

Review data by company size

By reviewers
Company Size	Count
Small Business	4
Midsize Enterprise	3
Large Enterprise	9

By reviewers

By visitors reading reviews
Company Size	Count
Small Business	111
Midsize Enterprise	51
Large Enterprise	168

By visitors reading reviews

Top industries

By visitors reading reviews

Computer Software Company

13%

Manufacturing Company

Financial Services Firm

Educational Organization

Comms Service Provider

Retailer

Energy/Utilities Company

Construction Company

Real Estate/Law Firm

Insurance Company

Performing Arts

Outsourcing Company

Healthcare Company

Government

University

Transportation Company

Wholesaler/Distributor

Media Company

Consumer Goods Company

Non Profit

Pharma/Biotech Company

Recruiting/Hr Firm

Logistics Company

Hospitality Company

Legal Firm

Recreational Facilities/Services Company

Security Firm

Compare Sumo Logic Security with alternative products

Learn more about Sumo Logic Security

Sumo Logic is a cloud-based machine data analytics company focusing on security, operations, and BI use cases. It provides log management and analytics services that leverage machine-generated big data to deliver real-time IT insights.

Sumo Logic is developed as a SaaS solution, it processes and analyzes large quantities of IT infrastructure data, spotting patterns and anomalies that can indicate a potential threat or significant event.

The platform is designed to help IT, security, and business operations teams develop, manage, and secure their applications and cloud infrastructures. It collects, aggregates, and analyzes data from various sources including servers, virtual machines, and network devices, providing visibility into complex systems.

What are the key features of Sumo Logic?

Real-time Analytics: Continuous queries and live dashboards that provide insights into application performance, user behavior, and security threats.
Advanced Machine Learning: Utilizes machine learning algorithms to identify trends, anomalies, and patterns.
Integrated Threat Intelligence: Tools and workflows to enhance security postures by detecting threats and anomalies.
Multi-tenant Cloud Service: Allows users to operate in a shared cloud environment securely.

The solution aims to simplify data complexity, streamline operations, and provide actionable insights to businesses across various industries.

Sumo Logic is designed to handle high data volumes from multiple sources without diminishing performance. It is primarily deployed in the cloud with seamless integrations for AWS, Google Cloud, and Microsoft Azure. This flexibility allows users to leverage Sumo Logic’s capabilities regardless of their existing cloud infrastructure.

In summary, Sumo Logic is a comprehensive, AI-driven analytics solution ideal for businesses looking to enhance their IT and security operations through data-driven insights and real-time monitoring. Its flexible deployment options and scalable pricing model make it accessible for various business sizes and sectors.

Julia Miller

Community Director at PeerSpot

Top SIEM Solutions & Success Stories: Strengthening Cybersecurity in Diverse Industries

What Solution for SIEM is Best To Be NIST 800-171 Compliant?

When evaluating Security Information and Event Management (SIEM), what aspect do you think is the most important feature to look for?

What are the main differences between Nessus and Arcsight?

What's The Best Way to Trial SIEM Solutions?

Which is the best SIEM solution for a government organization?

What is the difference between IT event correlation and aggregation?

What Is SIEM Used For?

RSA-EMC vs. other SIEM products?

What Questions Should I Ask Before Buying SIEM?

What are the pros and cons of internal SOC vs SOC-as-a-Service?

Product Categories

Security Information and Event Management (SIEM)

Log Management

Security Orchestration Automation and Response (SOAR)

Popular Comparisons

CrowdStrike Falcon vs Sumo Logic Security

Wazuh vs Sumo Logic Security

Microsoft Sentinel vs Sumo Logic Security

Datadog vs Sumo Logic Security

Splunk Enterprise Security vs Sumo Logic Security

IBM Security QRadar vs Sumo Logic Security

Elastic Security vs Sumo Logic Security

Grafana Loki vs Sumo Logic Security

AWS Security Hub vs Sumo Logic Security

Palo Alto Networks Cortex XSOAR vs Sumo Logic Security

Cortex XSIAM vs Sumo Logic Security

Rapid7 InsightIDR vs Sumo Logic Security

LogRhythm SIEM vs Sumo Logic Security

Amazon CloudWatch vs Sumo Logic Security

Splunk SOAR vs Sumo Logic Security

See all alternatives

Sumo Logic Security Reviews Summary
Author info	Rating	Review Summary
SOC Analyst at a computer software company with 1,001-5,000 employees	3.0	I primarily use Sumo Logic as a Cloud SIEM for alert and insight monitoring, valuing its Log Analytics platform for retrieving logs not available in other tools. However, its correlation rules, log mapping, and support response time need improvement.
Deputy Country Manager at PT Securite Asia Indonesia (ABP Securite)	4.0	I find Sumo Logic Security valuable for its customizable, cost-effective dashboard focused on data storage and scan volume. However, the lack of a local data center is a barrier for government clients needing in-country data retention.
DevOps and Solution Architect at a recruiting/HR firm with 10,001+ employees	4.5	I use Sumo Logic Security to store and monitor application and VPC flow logs, which makes it easy to search logs and identify issues like application 500 errors. However, the solution is expensive, making pricing a potential area for improvement.
Senior Information Security Analyst at Everbridge	3.5	We use Sumo Logic as a log aggregator for AWS environments, leveraging its automation and integrations with tools like CrowdStrike. However, we find its query complexity, UI, scalability, and stability lacking, and have faced challenges with collector connections.
Archtect at a financial services firm with 1,001-5,000 employees	4.0	I use Sumo Logic Security for monitoring due to its valuable rules, ease of use, and straightforward integration. However, API integration needs improvement for seamless log collection. I switched from IBM Security QRadar for its cloud-based advantage on AWS.
Senior Technical Lead	4.5	I primarily use Sumo Logic Security for security and application monitoring, appreciating its real-time observability and ease of use. While stable and reasonably priced, integration with multiple sources needs improvement. I'm aware of pricier alternatives like QRadar, Splunk, and Grafana.
Programmer at a comms service provider with 10,001+ employees	4.0	I primarily use Sumo Logic Security for logging and monitoring, with dashboards to track application performance and logins. I value its customizable search feature, though it has a steep learning curve requiring practice for efficient use.
Director Of Engineering at a tech services company with 51-200 employees	4.5	No summary available

Sumo Logic Security Reviews

What is Sumo Logic Security?

Featured Sumo Logic Security reviews

Sumo Logic Security mindshare

PeerResearch reports based on Sumo Logic Security reviews

Valuable Features

Room for Improvement

ROI

Pricing

Popular Use Cases

Service and Support

Deployment

Scalability

Stability

Review data by company size

Top industries

Compare Sumo Logic Security with alternative products

Learn more about Sumo Logic Security

Related articles

Related questions

Product Categories

Popular Comparisons